Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

Rogue No More: Securing Kubernetes with Node-Specific Restrictions

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Learn about critical Kubernetes security enhancements in this technical conference talk that addresses the vulnerabilities of components running across multiple nodes. Discover how daemonset components performing node-specific actions can create security risks and potentially lead to cluster attacks or takeovers. Explore practical solutions through new security features focusing on bound service account tokens and their integration with validating admission policies to enforce per-node restrictions. Follow along as Microsoft's Anish Ramasekar and Apple's James Munnelly demonstrate implementation strategies for achieving robust node isolation, effectively preventing escalation attacks and strengthening cluster security.

Syllabus

Rogue No More: Securing Kubernetes with Node-Specific Restrictio... Anish Ramasekar & James Munnelly

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Rogue No More: Securing Kubernetes with Node-Specific Restrictions

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.